freeRADIUS -> AD Auth

nfischer at nfischer at
Mon Aug 18 17:53:28 CEST 2014

after I fully crashed my freeRADIUS Server I have to ask again:

It still fails with:
# Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/mschapv2
[eap] processing type mschapv2
[mschapv2] # Executing group from file
[mschapv2] +- entering group MS-CHAP {...}
[mschap] Creating challenge hash with username: hausmeister at OBLAN
[mschap] Told to do MS-CHAPv2 for hausmeister at OBLAN with NT-Password
[mschap]        expand: %{Stripped-User-Name} -> hausmeister
[mschap]        expand:
--username=%{%{Stripped-User-Name}:-%{%{User-Name}:-None}} ->
[mschap] Creating challenge hash with username: hausmeister at OBLAN
[mschap]        expand: %{mschap:Challenge} -> 01b99ad5745936be
[mschap]        expand: --challenge=%{%{mschap:Challenge}:-00} ->
[mschap]        expand: %{mschap:NT-Response} ->
[mschap]        expand: --nt-response=%{%{mschap:NT-Response}:-00} ->

Exec-Program output: Reading winbind reply failed! (0xc0000001)
Exec-Program-Wait: plaintext: Reading winbind reply failed!
Exec-Program: returned: 1
[mschap] External script failed.
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject

so Im not sure why.
I think its because hes not allowed to execute the ntlm or my mschap
is cofigured wrong. (or both)

I checked the users/groups:

looks fine to me?

So my NTLM_Auth string in the modules/mschap is:
 ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key

I allso tried a lot of other stuff nothing change.
Hope you can help me again.
 Mit freundlichem Gruß
 Nicolas Fischer
 email: nfischer at
 jabber: jagger at
 tel: 01573-0420888
 Skype: jagger64
 TOX: Just ask me :)
 If you sent me a PGP Crypted Mail I´ll be happy and will give you a
free cookie :)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: freeradius-log.txt
URL: <>

More information about the Freeradius-Users mailing list